The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 22 blue-team Open-Source Projects
-
awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
-
adversarial-robustness-toolbox
Adversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
awesome-cybersecurity-blueteam
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
-
Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
-
Hacking-Windows
A FREE Windows C development course where we will learn the Win32API and reverse engineer each step utilizing IDA Free in both an x86 and x64 environment.
-
DumpsterFire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
-
opensquat
The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains.
-
-
Trawler
PowerShell script to help Incident Responders discover potential adversary persistence mechanisms.
-
assisted-log-enabler-for-aws
Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.
-
-
turbo-scanner
A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts's ip or fqdn with the sole purpose of testing your own network to ensure there are no malicious services running.
-
infosec-interview-questions
🗒️ A [work-in-progress] collection for interview questions for Information Security roles
-
ShonyDanza
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
-
-
catherine
The Catherine Framework is a general-purpose cybersecurity framework built to provide extended support for defense operations.
-
rear_view_rpz
Turn your recursive DNS (BIND) server into a network investigation enabler with DnsTap and RPZ.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
There's a ton of valuable resources out there when searching for "detection engineering", beyond that, check https://research.splunk.com/ to get an idea of a structured and contextual approach. Beyond that, check Rob van Os Magma use case framework and any blog you can find on https://correlatedsecurity.com (Jurgen Visser). Last but not least, anything "awesome" on github, e.g. https://github.com/fabacab/awesome-cybersecurity-blueteam
A different solution that runs locally is opensquat.
https://github.com/atenreiro/opensquat
Project mention: Non-SysAdmin Use Cases for PowerShell? Basically, any use cases NOT involving network, RDP, system config, IT/LAN admin type stuff? | /r/PowerShell | 2023-05-10I use it for DFIR work - example - https://github.com/joeavanzato/Trawler
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
blue-team related posts
- SIEM content development
- NoMoreCookies protector version 2.3 released
- NoMoreCookies protector version 2.3 released
- NoMoreCookies: Protection Against Accounts Stealing
- NoMoreCookies: Protection against browser stealers/rats
- NoMoreCookies: Protection against browser stealers/rats
- NoMoreCookies: Protection against browser stealers/rats
-
A note from our sponsor - WorkOS
workos.com | 25 Apr 2024
Index
What are some of the best open-source blue-team projects? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | awesome-security-hardening | 4,935 |
| 2 | adversarial-robustness-toolbox | 4,447 |
| 3 | awesome-cybersecurity-blueteam | 4,004 |
| 4 | Bashfuscator | 1,502 |
| 5 | Hacking-Windows | 1,254 |
| 6 | BLUESPAWN | 1,206 |
| 7 | DumpsterFire | 959 |
| 8 | awesome-list-of-secrets-in-environment-variables | 843 |
| 9 | opensquat | 648 |
| 10 | aws-cloudsaga | 424 |
| 11 | slack-watchman | 289 |
| 12 | Trawler | 287 |
| 13 | assisted-log-enabler-for-aws | 210 |
| 14 | Handle-Ripper | 189 |
| 15 | gitlab-watchman | 188 |
| 16 | kc7 | 156 |
| 17 | turbo-scanner | 140 |
| 18 | infosec-interview-questions | 127 |
| 19 | ShonyDanza | 114 |
| 20 | CVE-2022-47966-Scan | 25 |
| 21 | catherine | 16 |
| 22 | rear_view_rpz | 10 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com